Navigated to Episode 236: No Nancy Here - Transcript
Get the app

Log in
Podcasting 2.0

Episode 236: No Nancy Here

Episode Transcript

Podcasting 2.0 for September 26th, 2025, episode 236.

No Nancy here.

Hey everybody, the Rodecaster's working.

Don't worry, you won't be subjected to all kinds of nonsense for hours on end.

No, instead, it is a regularly scheduled board meeting of Podcasting 2.0 where we discuss everything going on in podcasting, the history, what's happening now, and where we are going in the future.

I'm Adam Curry.

Wait, I forgot to tell you, we're the only boardroom that rejects work slump in the office, there it is.

I'm Adam Curry in the heart of the Texas Hill Country and Alabama, the man who's my first call in case of a security breach.

Say hello to my friend on the other end, the one and the only, the only pod sage, Mr.

Dave Jones.

Are you cleaned up now, are you clean?

Yes, I'm clean, man, I'm clean, I'm clean.

That was kind of interesting.

I have never had a breach in my life.

You got popped.

I sure did.

That was, I mean, who in their right mind?

No, but who in their right mind is thinking, hey, you know what, I'm going to run a crypto miner on a two gig Linode instance.

I mean, what are they mining?

They were probably just all kinds of stuff.

I mean, everything you can think of.

They run crypto miners on- Washing machines.

Like home routers and crap.

I mean, if it's got a CPU, they're going to mine on it.

Collectively, when you're mining on 7,000 hacked machines, you actually get some horsepower.

So I've always, honestly, I've just always been too lazy to figure out how to do all the key stuff.

I'm like, oh, it's SSH.

If it's SSH, then it should be secure.

Then whatever I'm sending should be secure.

How do they actually sniff out my access, my password, if I'm using SSH from my machine into the server?

What are they doing that they can sniff that out?

Well, so the way, it's all credential stuffing.

So you're going to have, there's mass scanners out there polling for OpenPort 22 all the time.

Oh, I see that, yeah.

And then as soon as they, they'll get a list and then they just start throwing password dictionaries at it as fast as possible.

Can they see usernames?

Don't know about that.

Because I don't have a traditional- But you had root permit, you had root- They didn't come in through root.

They didn't come in through root.

They came in through Atom?

No, different names.

None of them were Atom, which is why I thought it was kind of interesting.

It's like, so how do you guess that?

I mean, it's possible that they came in, I mean, you haven't really traced that breach through the logs, but I mean, it's possible that they came in a different way, but I would not, that would not be my first thought.

Interesting.

It's, it could be that- But I'm pretty sure root access was open.

I'm pretty sure that was open.

So if- So in that case, you've got root and then you just have to guess the password.

Yeah, you can look at your, you can look at your authentication log and see where the initial hit was.

It should still be in there.

You know, you'll see in your, oh man, what is the name of that log?

Is it, let's see.

I think it may be in just your sys log coming in as cron.

I mean, excuse me, as SSHD.

Authentication.

Maybe you need to like, so what happened was your, one of your boxes got- Two, two boxes.

Okay, two of your vibe coding boxes got popped.

Well, one that was actually in production and it's, you know, it's running an FFmpeg streaming radio thingamabob with a singular Python script.

And I'm very wary of resources for a whole bunch of different reasons.

I want to see if I can put it on a, on a one gig linode, you know, and keep it even cheaper, even smaller.

And so I have HTOP running.

I'm like, wow, why is it at a hundred percent?

And I go looking and it says, okay, you've got this process called K audit zero running at 97%.

So that was kind of, that was actually, it's actually kind of nice because you don't notice it right away.

You know, it was like my stuff was still working because it uses very little CPU and very little overhead.

And there, this K audit zero mining thing, it just uses CPU.

It doesn't really use a lot of memory.

And so that's how I saw it.

And I'm like, oh crap.

And, and, you know, I could see that it all happened yesterday because, well, first of all, I noticed it yesterday and I wasn't quite sure what it was.

And, but I could see that, you know, they put in SSH keys and all this stuff all on the 25th.

So, okay, all right.

Backdoor.

Yeah, cron tabs and all that stuff.

So, I would imagine that, you know, if you have, if you have anything, if you have a relatively weak password, it's, it's gonna be.

Yeah, that's the thing though.

I have, you know, my passwords are generated by, what do you call it?

Vault warden, bit warden.

So, Your SSH login password?

Yeah, yeah.

It's possible.

So, it's possible that it came in through, and that's why I would want to do is check, check the SSH log and see if that was the actual first hit because it could have been, they could have come in through some, through a flaw in some other part of the system.

I mean, that's possible too.

You have, you have, you know, how much stuff do you have open on that box is the question.

Yeah.

And exposed.

You know, which ports do you have open with running software on it that may not be secure?

Well, I can see, you know what?

I can see right now, they definitely came in through root.

Oh, well then that's, that's probably SSH then.

Yeah.

Yeah.

Cause I'm seeing they're trying now.

Oh, really?

Yeah.

Let's see, they're trying port 39550, the port 58232.

That just gotta be a scan then, I guess.

I just scan the ports.

Well, now what are you, where are you seeing this at?

In var log auth.log.

Okay.

And that's, and those are SSH attempts?

I guess.

It doesn't actually say, it says, yeah, SSH authentication, authentication failure, root, root, root, root, root, root.

Yeah.

And then user vios.

Okay.

All right.

So you got, so you got hit by root then.

Yeah.

Did, had you, did you have a long password on root?

Yeah.

Oh yeah.

Yeah.

Yeah.

That's, I don't know.

It would be interesting to go back and see where that first successful login was, you know, like when it happened.

Let me see.

So that would be, here's how, I'll just try it one, then we'll give up on it.

Yeah.

Cotton gin.

He, yeah, he's, he's got it.

He's got root and password logins disabled.

Oh yeah.

They are now.

He's keys all the way down, baby.

Let me see.

Okay.

And this would have to be on the 20.

Oh, interesting.

Hmm.

Binary file matches.

Yeah.

You can ignore that.

What would I be grepping for here?

Well, I mean, just the SSH authentication entries, you know, SS, var, log, auth, log with SSH.

You can search it for SSH.

Yeah.

That's interesting.

Nothing past the 27.

That doesn't make any sense.

Well, maybe, I don't know.

So whatever.

As long as you, yeah, as long as, so, I mean, my standard protocol for this kind of stuff.

Which I now have.

Thank you very much.

Which you have.

I have the Dave Jones standard protocol.

I'm very happy with this.

If anybody's running servers, you know, Linux servers, you really, I mean, to me, like bare minimum is you need to disable, disable root.

If this is in your SSH configuration, you need to disable root login, disable password login, disable interactive keyboard login.

Only put your SSH server on a different port than 22.

Then make, and then enable only key pair authentication, public key authentication.

And the, what I go, I go one step further.

Some people don't want to go this far, but I go one step further and I restrict access to my SSH port using UFW to only particular IP addresses.

So I don't, I just, I do not play around with that stuff.

And it's sometimes, you know, and sometimes it can be a pain and people don't want to deal with it because you're on the road or something and you want to log into your machine and you, you know, you can't because you're restricted.

It is a pain, but now with TailScale, I just restrict everything.

I restrict all the logins to all the boxes, to my, to the CIDR block that is part of my residential IP scheme.

And then I just come back.

That way, if I get a new IP address at my house router, it's not gonna, you know, I still, I'm still okay cause I'm on the whole subnet.

And then if I ever need to get onto it from the road, I just use TailScale and come back through my house and just get it that way.

The bottom line is, if you're gone, podcast index is history.

Hey, Melissa, Melissa.

Okay, just sit in front of the console.

Tell me what you see.

What windows are open?

Oh, this 18 open.

Okay, let me see.

Type in S-S-H.

Go to the dead body.

Is his phone in his pocket?

Can you put his thumb on the authenticator for me?

Okay.

Hold it in front of his face.

Open his eyes, open the eyelids.

Just open them up with your fingers.

Yeah, okay.

There you go.

Perfect.

Oh, the finger's too cold.

Okay, switch to the face.

That's hilarious.

But not really.

No.

Not really.

Oh man.

And it was, cause you know, I got a lot going on these days.

So this morning I was like, oh, cause last night after, after I did no agenda, I'm pretty tired.

I had modularized, modularized, modularized, modularized, my Python script, which was actually kind of cool.

Cause you know, and the only reason I did it is the, the vibe coding machines, they stopped being able to write the whole script.

It was like 1200 lines.

And it went, it just kept not completing.

And I learned something else by the way.

If you upload your, this is grok in this case.

If you upload your scripts, it may truncate it on the upload.

I said, well, I never had the full script.

What do you mean?

I uploaded it to you.

Well, no, I never had it.

It got truncated.

Oh, that's good to know.

So it only accepts a certain amount of input and then you're toast.

Well, unless you paste it in, which is okay.

That's fine by me.

So I'm like, well, why don't I just modular, modular.

Why don't I chop it into bits?

I chopped it into bits.

And so I was all excited.

This morning, I got a couple hours like, ah, it's great.

I'm going to work on this.

I hadn't actually tried it out yet.

I'm sure there were some bugs.

There were, and I'm like, whoa, everything's spiking.

All the machines are spiking.

So I spent a lot of copy and pasting your instructions on how to do this.

And then once I got it, like, okay, now I know how it works.

Then I just shored up everything.

Cause I got other machines that haven't been hacked yet.

And so I started shoring up everything.

But I'm- There's still time.

But I can tell you this box is just, it's getting hit every second.

Oh, you're- Every second.

You're a target now.

Yeah, now it's trying FTP users.

It's like, it's nonstop.

Oh, really?

Yeah, oh yeah.

My first, my first ever, my first ever hack experience was at an old job many, many years ago.

This is probably 96, 97.

I don't remember.

But do you remember the University of Washington FTP server?

Oh yeah, what was that?

Yeah, it was just kind of like the standard FTP server that was shipped with like Red Hat 6.

Yeah, yeah, yeah.

And FreeBSD and all that, you know, OpenBSD, they all used the UWFTP, the University of Washington FTP server.

And so I fired it up because I needed to, I needed to push some files up from a different location and forgot to turn it off.

It was only going to be temporary and forgot to turn it off.

And of course, I mean, like within 24 hours, it was hit.

I got a call saying, hey, our website, like the front page of our website has something weird on it.

And I'll go and look at it.

The website had been defaced.

You know, this was back in the days where hacking wasn't really for money yet.

People just wanted to like deface your website so they could say, I've been here, look, I own you.

Exactly.

Back when it was fun, in the good old days.

We were just having fun, man.

Don't get your panties in a bunch.

Yeah, back before ransomware and all that.

And so I was like, I mean, I was, gosh, I don't even know how old I was, 20.

I was like, oh crap, you know, freaked out, finally figured out where it came from.

And from like then on, I've been Mr.

non-standard port, firewall, everything, just like so paranoid.

It only takes once.

It only takes once.

No kidding.

So the SSHD config you gave me, that basically shuts everything off.

There's no, they can't log in any other way than with the public key.

Right, okay.

Right, yep.

Because I can see that actually trying to use the password, which is an actual path on the machine, which is an odd combination to try.

Now, it's a file path they're using as the password?

Yeah, I just saw it, just tried that, trying everything.

This guy's like, man, my Bitcoin, my Bitcoin's on that machine.

How do I get my Bitcoin?

How do I find that Bitcoin?

Is that Bitcoin on my machine somewhere now?

Man, I had four sats on there, dang it.

Can't be much more.

Okay, that tells me, actually, that may be, if they're using a file path, that could be a file traversal vulnerability and some sort of web thing that you have going on.

I'm presuming that they were already in there.

I mean, they could be looking at NGINX, because port 80 is open, 8,000 is open, 8080 is open.

But they're not on those ports, though.

If they're able to upload, if you have a file traversal vulnerability or a file upload vulnerability in one of the web, in one of your web things that you're serving, then that would allow an attacker to upload something to the box into a location on the file system they specify, then come in later and address that file they uploaded in an SSH login or some other attempt.

So they could be, essentially, they backdoor you by uploading through an existing open hole in your web.

I mean, I would, you know, there's no telling what's in that Python script that you're using.

It may have- Could be all kinds of groovy stuff in there.

It may be allowing all kinds of stuff.

I mean, is it using like Jenkins or some sort of Python?

No.

Jenkins?

Web framework or something like that?

Unfortunately, I am using Flask on, I wonder if Flask has a vulnerability.

It could, yeah, it could.

It's a very common thing in CMS is to allow- Stick something in there.

Like, oh, I got something for later.

Upload.

A little candy, a little candy for later on, everybody.

Bastards.

Nah, so far, it seems they're having trouble.

Okay, we're good.

Yeah.

Anyway, so do you have anything on, I got some stuff, I don't know, do you have anything on your list for today?

Oh yeah, I've got tons of stuff, always.

And if I could bring up my notes.

You go ahead, I'm trying to bring it up.

Well, the main thing, I guess, there were two things on my list.

The big thing was AI tagging, which Power had, we're talking about that quite a bit on the show this week.

It's on my list too, yep.

And then censorship is podcast index.

Is it really censorship resistant?

Well, you know, the AI tagging thing, I've also got that on my list.

And I've also, I just got some, I mean, I think we just need to probably talk about AI stuff in general.

I mean, not that we don't talk about it every freaking week.

Well, for two years, everyone's been saying, oh yeah, yeah, AI is a new thing in podcasting.

And here we are.

Surprise, surprise.

It's here.

I mean, I think the word that hit me this morning was after listening to James's interview.

Yes, with what the lady's name?

Janine.

Janine.

Wainthright.

No, not Wainthright.

Janine something.

Wainthright.

Right, Janine Wright.

Janine Wright.

Co-founder, CEO of Inception Point AI, yes.

I mean, the thing, the word that hit me this morning was creative hyperinflation.

I think that's what, I think that's what we're beginning to live through.

I like that, creative hyperinflation.

Yeah, I mean, like I wrote, as I've been thinking about this on and off all week, and we talked a little bit about this last week, where if there's a way for somebody to farm content for money, it's gonna happen.

That, you know, like that guy Tanner Campbell from a long time ago, I think, did we have him on the show?

No, I don't remember if we did.

No, I don't think so, no.

But I mean, he had this whole thing where he's like, here's how you make money in podcasting.

You go and buy, you put your podcast on Spotify using Anchor, then you go buy a bunch of Facebook ads pointing to your Spotify podcast.

And then you buy, then you do, and that gives you enough hits to enter Spotify's mark, like a creator advertising program or whatever.

And that gets you, it was this whole formula, this spreadsheet saying how you could take, you could launch a show and within six months have X number of dollars coming in through ad revenue using, you know, essentially farming the system.

Yeah, sure.

And, you know, that's how this stuff works.

And AI is the latest version of a farming scheme.

I mean, that's what we're dealing with, the, you know, in Inception Point or whatever, you know, I think that's the name of that company.

Inception Point AI.

Yeah, that's what this is.

This is just a, this is a ad revenue farming mechanism.

And that's not to say, like, that doesn't mean that it's, I'm not making a moral judgment on it at this point, because people, lots of people have been doing this since the web started.

This content farms, quote unquote, have been around for many years now on the web.

And at scale, at a high enough scale, okay, well, let me back up and do it like this.

So when I'm thinking about whether the index should ingest this stuff or not, you know, right now we are, and I don't, I do not anticipate that we would stop.

But in general, digital has a huge drawback.

And that is that creating new information that will then have to be stored forever is too easy.

There's not enough of a cost to it.

You know, imagine if there were a book, like a physical book, okay.

Imagine if there was a book creation machine that someone create, that someone built.

In this book creation machine, there's actually a short story that's very similar to this.

I'll have to look it up and find a link to it later.

Or it's not about this kind of thing, but it's very similar.

Imagine if there was a book creation machine that would create new books at a rate of like 10 trillion books a day.

Within a few years, the entire surface of the earth would be covered seven feet deep in books.

With books, yeah, a lot of books, a lot of books.

So that's essentially what we have now with LLMs.

We have the ability to create virtually infinite amounts of, quote, creative.

And that information, if it is then pumped into standard channels of distribution, it is going to overwhelm the digital platforms that exist.

So this is actually very interesting because I kept hearing James talk about, well, whatever the advertisers want.

And my initial response is, what?

Advertisers don't determine what we do.

But now I get it because the advertisers are effectively being duped.

Well, and the question is, are they being duped?

When it comes to downloads, yeah, I think so.

And so when you have in your model, so you have 3,000, you have 5 ,000 podcasts creating 3,000 episodes a week.

And you can hear that they have two ads in front of every single one of them, which probably are not even listened to.

And we know from my own experimentation, you can create download bots quite easily.

There's only one hosting company that really blocks anything that they don't see as an approved user agent.

Everyone else, if you use Mozilla, obviously.

In fact, everyone accepts Mozilla, but not from certain IP addresses.

So if you're building a bot farm on Linode, you're gonna be disappointed by at least one host.

But in general, from what I see, I could do that for every other hosting company.

And in fact, I could do a version of what we did when we initially filled up the podcast index is I could just get a million, a million downloads, 4 million downloads or 4 million accesses, whatever you wanna call it, over time.

And that would be a nice little bit of pocket change.

I don't think I'd get rich on it, but yeah, it'd be nice.

Yeah, just some nice little coin in my pocket.

And so that's the problem.

The whole AI tag is not for you, not for me, not for Joe, the listener, because Joe, the listener will know very quickly, oh, that sucks.

Or it's AI, but I kind of like the information, but it's the advertisers.

That's who everyone's trying to protect in this is it's going to flood the advertising ecosystem.

And that's where the problem is going to be.

I think that's what you're saying.

Yeah, because this is essentially a audio version of what if it was done on Google, we would call kind of click fraud.

Yeah, kind of, complete.

Not just kind of, it is click fraud.

I recommend everybody listen to James's interview with the- Janine Wright.

With Janine Wright.

What was your takeaway?

What's your takeaway from it?

She seemed very uncomfortable.

To me, that was a general sense that I got.

And I don't blame her, I would be too.

If there was, I commend her for coming on the show.

Sure.

And actually doing the interview.

But I think she did sound uncomfortable.

I also think that this sounds very much like a company who's looking to get purchased.

I don't think this is a long-term thing for them.

This seems to me more like a, hey, look what we're doing.

Somebody, we've got some really cool tech.

Somebody needs to come buy us.

And to me, that feels like what this whole thing is.

It's just essentially like an idea flip.

Interesting.

But, and so in that regard, having, being on an interview like this, this is an all news is good news type situation.

People get mad.

Maybe people in the podcast industry get mad, but that doesn't really mean anything in the ultimate scheme of things if they flip the company and get paid.

So for their admittedly pretty cool technology.

And, but then, but, I mean, long-term, who knows how this thing goes?

I think James's questions, I think what he was getting at was obvious, which is, it's not about the AI part.

It's about, is there a human doing anything?

Is there- Oh, even writing the script.

Yeah, even writing the script is where James was going.

Right.

Yeah, and if there's not, if there's absolutely no human oversight whatsoever, then it really is just like the book generator machine.

Yeah, but the point is some of it may actually be enjoyable.

Some of it may be what people like.

In fact, a lot of it may be what people like.

If you look at the comments on some of these AI podcasts, yeah, a lot of them are like, this is crap, this is no good, this is AI.

But some of them are like, well, well, I do that knitting stitch differently and it works quite well for me.

You know, so not everyone, clearly not everyone thinks it's slop.

Yeah, my question would be, does anyone think that it's, does anyone understand that it's actually AI?

Yeah, I think a lot of people do.

The ones who respond positively.

Do you think- They might not, no, they might not.

They might not, they, I don't know.

I mean, a lot of people are talking to their AIs and they don't seem to have a problem with it.

So if they don't mind their own personal AI talking to them, maybe they don't mind a podcast AI.

You know, not everybody in the world is normal.

Hey, man, some people are weird.

Wow, is this a new discovery that you've made?

Like somebody who gets their knitting tips from an artificial intelligence voice, that's- Yeah, you'd be surprised.

I'm willing to say that not everybody is like, you know, a hundred percent.

I've been reading this book, I just started it.

Do you know a guy named Paul Kingsnorth?

No, I don't think so.

Lives in Ireland and he's got an interesting background.

He's a Catholic brother, but he came from an, like an ecology, what would you call that?

Like a, he was part of, do you remember Earth First?

Why does this ring a bell?

I can't recall it.

They were like a, they were like a 70s version of stop the oil or whatever those people are that like glue themselves to the street.

Oh, X something.

Yeah, I know what you're talking about.

Yeah, like it was, they were like a radical environmentalists.

Okay, and I'm, I don't, yeah, I think that's a fair thing.

I think they would accept that they were radical environmentalists.

I think that movement collapsed.

There's actually a book about it that I have on the shelf.

I haven't even read it yet.

I've only perused it, but it's about the Earth First movement and how it collapsed and set back environmentalism a long way.

But he was a member of that and that kind of thing.

But anyway, so he just wrote a book called Against the Machine.

And it's a book just about modernism, industrialism, technology, technologism, that kind of thing.

It's a very, it's just a book that you would think is pretty fitting for our time.

And I've got, I actually wanna read a section of this real quick, because I think this is kind of like, I think he captures something here.

He says, and forgive me for the length of this.

He says, meanwhile, out in what is fondly called the real world by people who often don't know very much about reality, you are living in a metastasizing machine, which is closing in around you, polluting your skies and your woods and your past and your imagination.

If you have the kind of sensibility which prefers Lothlorien to Isengard, this means that you are a character in a tragedy rather than a heroic epic.

Most of the things you like are fading away.

The great forests and the stories made in and by them, the strange cultures spanning centuries of time, the little pubs and the curious uninhabited places, the thrumming temples and dark marshlands and crooked villages and folktales and conviviality and spontaneous song and old houses, beaches and wild hilltops, the chance of getting lost in the rain forever or discovering something that was never on any map, a world without maps, a world without engines.

This world you can see is on the way out.

If it is not already long gone, the one thing is manifesting to replace it is a left brain paradise, all straight lines and concrete car parks where the corn exchange used to be.

The future is STEM and chatbots and cashless parking meters and economic growth and asteroid mining forever and ever.

There is no arguing with it.

You can feel the great craters that it makes in the world.

You can feel what is being tarmacked and neatened and rationalized into oblivion in the depth of what is leaving, but you cannot explain or justify it in the terms which are now the terms we live by.

You just know that something is wrong.

Everybody tells you that you feel this because you're infected with something called nostalgia or that you picked up a dose of Luddite-ism or romanticism at a party or in a doctor's waiting room.

Basically, there is something wrong with you.

You don't understand progress, which is always and everywhere a good thing, but you can feel something going on that is not a good thing and it doesn't matter how many lies, damn lies or statistics are produced to prove otherwise.

You can feel this as something enveloping you.

The Welsh poet R.S.

Thomas described it chillingly in his poem, Other, in a verse I've never forgotten since I first read it.

The machine appeared in the distance, singing to itself of money.

Its song was the web.

They were caught in, men and women together.

The villages were as flies to be sucked empty.

God secreted a tear.

Enough, enough, he commanded, but the machine looked at him and went on singing.

Now, that's depressing.

It reminds me a little bit of, what was the Neil Stephens' book?

I think it was, was it Snow Crash?

I think it was Snow Crash.

Snow Crash, yeah.

Yeah, where the only thing left in real life was food delivery and FedEx.

Yeah, right.

Everything else was online and everything got hacked all the time, basically.

It says, he says, you can feel something going on that's not a good thing, and it doesn't matter how many lies, damn lies, or statistics are produced to prove otherwise.

You can feel it's something enveloping you.

That's what I heard in that interview.

Yeah.

Is, look, this is fine.

What we're doing is fine because let me give you some statistics.

Let me tell you why in 24 months everything's going to be AI and none of this is even going to be an issue anymore.

None of those arguments truly matter because you could tell that what James was was, was uncomfortable with this.

He's uncomfortable with something about the way this thing is being done.

Yeah.

And I think the uncomfortableness is what Paul Kingsnorth is referring to here.

It's, and it's like we talked about a couple of weeks ago, being part of the push right now with AI is to get us to be comfortable with it because so many of us are.

It's an attempt to flood the zone with so much AI content that we become sort of numb to the thing that is, you know how sometimes you have like a, I think a lot of us have had this experience in the past.

Somebody new comes into our life, somebody that's like a new acquaintance or friend of the family or something like this.

And this new person comes in and, you know, and starts to, you know, through connections that we have in the community or whatever.

And this new friend begins to be around us more, around our family more and that kind of thing.

And there's something that just makes you uncomfortable about this person.

You can't pinpoint it.

You can't, there's nothing explicit that they have done that is, that you can point and say that I don't like, I think this person's dangerous or concerning or whatever.

But there's just something about that person that you just, that bothers you, makes you uncomfortable.

You think they may not be trustworthy or whatever.

And the longer you sort of deny that, that sort of, that internal feeling you have, you numb yourself to it.

And then you may find out later, you know, this guy ends up, I don't know, in jail or something.

Your concerns were validated.

And you think, you know, I knew there was something wrong with that guy.

I knew it the whole time, but I sort of seared my conscience against it.

Right.

And I think that's what's happening now with a lot of the, with AI.

I think we are getting, we're getting, this is a, we're living through a phase of desensitization.

Oh, for sure.

You know?

Yeah, oh, definitely.

And honestly, I think that's why podcasting is so wonderful because I don't believe any AI in our lifetime will be able to recreate a human being speaking in your head.

Video takes away so much of the recognition that, hey, this is not real, because it just, you look at something and your brain goes, that's real.

And audio is a whole different beast.

Yeah.

I guess I would say to that, but what if it does?

Okay.

Then you become jelly.

What more can I say?

You're screwed.

Nate, this is acclimation to institutification.

There's a- More of it, as far as I'm concerned.

The more, that's the only way.

The more slop we create, the more that's published, which I'm actually quite happy with, publish as much slop as possible because ultimately that's going to lead to entropy.

I just don't see any, I don't see how they can protect themselves against it.

It just seems impossible.

So we might as well go now.

I mean, again, the no agenda art generator, which for 15 years, people have been making art and uploading it.

They've all stopped.

Every single one of them who was making art by hand.

And they've either gone away or some of them may be doing some prompting, but it's crap.

I mean, it's so disappointing.

Yeah, there's a couple of people who have gotten around some of it, but you can see it.

You can see the washed out images.

Everything's orange, the cartoon phase, or everything's a cartoon.

Now you can just see these things ingesting crap and spitting it back out.

And it's just worse.

I can literally see it.

And now you're, an academic paper could be written about the no agenda art generator.

Absolutely.

Someone should do that.

And you can see, and now what happens is your, is the no agenda show album art is almost indistinguishable from something like the media round table.

Yes.

Whereas used to, they used to be complete.

You would never associate those two, but now you scroll through your list.

Since y'all are both essentially having AI generated artwork, they just kind of blur into, they look like they're the same thing.

Yeah.

And orange is the predominant color for some reason.

I'm not sure why.

That's true.

Yeah, I don't know why either.

Orange just seems to keep popping up.

Everything, faces are orange, backgrounds are orange.

Orange is a favorite color.

Fish are orange.

It's just weird.

I'm scrolling.

It's like, everything's orange.

Everything is orange.

I don't have an answer.

And there, that's another part of the desensitization.

I think that one thing I took away from James's interview was just, he was pushed.

Sadness.

Sadness.

Sadness.

I heard sadness is what I heard.

Melancholy.

Yeah, right, right.

But it's the, he was respectful and did not push too hard, but it was the thing, it was the, what was unsaid was just as powerful.

Yeah.

And it made me think, you know what, I need, I have got to resist being consumed by just, oh well, it's the future.

I'm going to push back on that.

I'm going to resist even harder.

On a personal level, you mean?

Yeah.

Yeah.

I mean, like, you know, and ultimately I don't think that, I don't think that we need to ban anything out of the index unless it gets out of control.

Now, if it gets out of control and you end up with the automatic book creation machine and people start pumping in a million podcasts a day, we are going to stop that.

We're going to, there is a threshold somewhere of which I do not know where it is at right now, but there is a threshold of which we have to take action against this.

Yeah.

I don't think it's going to get that far.

I just don't see it.

I mean, the thing with podcasts is there's no real discovery mechanism.

YouTube, yes, there's this discovery mechanism.

And there's lots of ways you can get the algos to kick in and do things.

And once you reach certain levels, then you're kind of golden.

You can fly along and that's when AI will be perfect.

I mean, just go look for any topic on YouTube and you have to go through all the AI generated slop before you get to something useful, an actual human being.

But with podcasts, like what's the recommendation machine?

This may be the biggest downside to podcasting, which is you really only hear about other podcasts from other people in other places.

Like, oh, that's a good podcast.

Oh, I'll go look it up.

The biggest downside to podcasting may be its biggest defense.

Okay, that's an interesting thing because that was part of what they were...

Okay, one of the things she said in there was she was talking about the Charlie Kirk thing.

And she said, she gave the example of when Charlie Kirk was assassinated, we had a podcast out about that within like two hours, I think is what she said.

Hey, there were books that were published the day before.

Oh, really?

Well, that's interesting.

If you believe the telegram groups, yeah.

Oh, the telegram, okay.

Such a, so trustworthy.

The old, hmm, how could this book be published on September 9th when Charlie Kirk died on the 10th?

Hmm, hmm.

Coincidence?

Interesting coincidence, yeah.

All right, okay.

Yes, like, so she's like, well, we had a, we had a podcast out within two hours about Charlie Kirk and it went to number three on Spotify's list if you searched for Charlie Kirk.

Wow.

Okay, now, this caught my attention.

Yeah.

Because that's not the way that works.

I'm sorry, but if you don't just create a podcast, name it something that is like some other search term and have it show up at the top of the list of a platform like Spotify or Apple or even us.

That you do not get, ranking is not as simple as naming.

So there's, I don't know what, the only way that happens is if you pair it, if you pair your podcast that you just created and stuck into the directory, if you pair it with some sort of traffic generation.

Yeah, of course.

You have to have- Popularity.

Yeah, search, search, search, search.

Right, because you don't just create a podcast called Charlie Kirk and it instantly show up in the top three.

Well, I would say that people probably went searching for Charlie Kirk on Spotify and they came across it.

And if you, you know, juice the machine a little bit, it might move up far enough for people to catch it.

But if, how, let me, I'm going to go to podcast index right now and search for Charlie Kirk, Charlie Kirk.

And I mean, there's, there's like 30 results that show up immediately.

I mean, Inception Point AI, let's see, that is one, two, three, four.

It's number four and number five.

Number four, yeah, I see four and five, yeah.

How did it get to that level that fast?

Well, only you know how that works.

It works through traffic.

Right, so you don't think people just searching for Charlie Kirk biography or Charlie Kirk death?

Those are good titles to search on.

If you search- Let's listen, let's listen for a second here.

I'm going to get an ad, of course.

When it comes to results.

Okay, I'll wait for the ad to go.

Yeah, I'm giving him money.

Yeah, I'm sorry.

No, I mean, I have to admit, there must be a lot of metrics.

There's either a ton of metrics- So you're saying you have to have some kind of juicing machine inserted in order to get it there.

It just can't happen organically.

I would love to know if they're using something like MOPOD or something like that.

At Pismata Valley University, I'm James Carter.

And in this third and final installment of our series, we turn to legacy, investigation, and the broader implications of this tragedy.

My role as- They did three episodes on one day.

Released at 6.59 PM, 7.01 PM, and 7.03 PM.

So they made it look legit too.

This has got to be, there's got to be something like one of those services that are being employed to drive traffic is all I can think.

No, possible.

You just don't go to the top of the chart organically that fast.

It's just not possible.

So, I mean, this is not really, to me, it's not really about the AI so much as it's about like, you could do this same thing that they're doing.

You could do that with a thousand anonymous Indians.

You know?

I mean, at enough scale, at a big enough scale, people, if you have a sufficient quantity of people, you can also churn out as much content as this does.

Yeah.

I mean, you know, if you hired a thousand anonymous Indians as, you know, like Amazon did for their, you know, for their stuff, you could pump out just as much content.

3,000 episodes a week.

And, you know, and it would, all people just copying, pasting off Wikipedia or something.

Yeah.

So, I mean, to me, it's not this particular company.

Yes, they're doing it with AI in order to, you know, increase their profit margin, but they, you know, it's, this is not, the AI is not the most interesting part of this to me.

It's just, how exactly are they juicing this stuff into the charts?

Right, okay.

So, bottom line, it doesn't really hurt podcasting.

It could hurt platforms like the index.

If we're, you know, if there's a million submissions a day, the trillion book problem, that could just be a resource drain that becomes a problem.

But it doesn't actually hurt podcasting to me in any way.

It hurts advertisers because they're being scammed.

That's- And the loop is, you know, now the loop is complete because we already, we know that download scams are happening whether it's by putting something in a game that no one actually listens, it's just a download.

There's a million different ways to do it.

And Silicon Valley is filled with companies who do this, you know, just before the board meeting.

Look at our traffic, it's up, it's amazing.

We're spiking, we're doing great, give us more money.

It happens all the time.

But now the creation part is what's complete.

And so it's, for all intents and purposes, it's legit.

You know, it's not something I'm interested in, but it's legit.

It's no less, to me, it's like, all right, so you created it with AI and there's content and it may or may not be interesting to me and it may or may not be something, a voice that I want to listen to or copy that I think is useful, but it's legit creation.

You know, my example is always Eddie Van Halen.

Eddie Van Halen would, he really, when, what was the, what was their big album when they still had David Lee?

What was the one with John and...

Oh, 1984.

84, exactly.

So that was kind of when studios were really, really upgrading and, you know, punching in and just creating these unbelievable solos that you just listened to it like, wow, this guy is amazing.

So then they went out on the road and Eddie Van Halen had to learn how to play those licks that he had basically created in the studio.

So this is nothing new.

And he really couldn't actually replicate it the way that it sounded on the record.

It was almost a physical impossibility, just you don't have enough fingers.

You know, you can't place them.

That's what happened to the band Alabama, the fiddle player, they got studio musicians to come in on...

Sweet Home Alabama?

No, no.

That was Lynyrd Skynyrd, I'm sorry.

Yeah, yeah, yeah.

You know, the band Alabama had, I forgot which song it was.

They had one song where the studio fiddle player just, I mean, he just set the strings on fire.

And the fiddle player for Alabama was like, ho, ho, ho, ho there, champ.

You're gonna have to calm that down.

There's no way I can play that.

He's like, I can't play that in concert.

So they had to like, he had to tone it down so the real guy could play it.

Yeah, but my point is like, we've always had fake stuff.

You know, Milli Vanilli.

They got a Grammy.

They didn't even sing on the record.

I mean, anything can be done.

So if we wanna label it, no one's gonna adhere to it.

The people who are in this game, they're not gonna label their content as AI.

They're not gonna.

It's not for the listener.

This is all about the advertiser.

And James kept saying it as such.

Well, it's up to the advertisers, what they want.

Okay, well, so it's an advertiser problem.

To me, it's not a podcasting problem.

You know, I might actually listen to one of these podcasts.

I don't know.

It could happen.

I'd be like, oh, that's interesting.

It's AI, but the content industry.

It could be.

You don't know.

Charlie Kirk shows say that they're hosted by James Carter, a seasoned national news anchor with a calm, authoritative presence.

It says nothing in here that is AI.

The description was written by AI though.

No, but that's fine.

You know, they're not going to say it.

And why they shouldn't have to.

They use the podcast namespace in their feed.

So I'm happy.

Oh, well, good for them.

These guys, they rock.

Spreaker.

They're awesome.

Spreaker gave them the air legitimacy.

Awesome.

So now that would, as far as tagging, I mean, I don't, I cannot think of a way to do it, honestly.

No, there's no, it's like explicit.

Now you're either going to have to have a way for people to complain and say, hey, this should have an explicit tag or this should have an AI tag.

And then the feed is no longer the source of truth.

The minute we allow that.

I've been wrecking my brain trying to think of a way to, that this would work.

And I just can't.

Nobody's, I mean, if.

But I don't really care.

The thing is who benefits and who's hurt.

This company benefits short-term and who gets hurt?

Well, the advertisers, I'm sorry.

You've got a crap metric to start with.

Fix that.

How about that?

If the core problem is not AI podcast, the core problem is the download metric.

That's the core problem.

Yeah, I mean, there's just not.

Yeah, so yeah, Nathan's right.

I mean, solving the advertiser problem, that's just not something a tag is going to do.

No.

It's just not.

No.

It's not.

Unfortunately, this is one of those examples of trying to use.

And by the way, it's only dynamically inserted ads.

That's the problem.

It's not for host reads.

Yep, yep, because there's not going to be any.

Yeah.

Because nobody's going to buy that content.

Good, well, good.

Then that scourges out of my life too.

Well, I mean, honestly, the dynamic insertion, I mean, if you're buying dynamic insertion as an advertiser, you deserve what you get.

Yeah.

Because that's bottom of the barrel stuff anyway.

Yeah, yeah, exactly.

I mean, I don't know.

I just cannot, for the life of me, imagine how this would work.

The exact people who are going, who you would want to tag are the ones that are not going to put the tag in there.

So it doesn't matter.

Yeah, exactly.

So this does flow into censorship because, and classic government censorship is one thing, but at a certain point, Adam and Dave are going to say, well, this is hurting our system, this flood of a trillion books, we're going to have to censor this, which is a form of censorship.

Like, no, you can't be in our index.

And that would be the only reason that I would pull that trigger is because it is essentially out of platform self-defense.

Yes, platform self-defense.

I mean, there's no other, because, I mean, what is being said, I mean, we've said this since the very beginning, we're just not going to get involved in that.

That's up to the apps.

The apps can layer on top of us and decide to show whatever they want.

We're not going to be pulling stuff off based on content.

Exactly.

But, you know, unless it's locally illegal to us.

Now, I'm sorry.

Go ahead.

No, but if we have to play self -defense because we're getting overwhelmed with a certain type of garbage content, like AI generation or Vietnamese poker SEO, I mean, yeah, we're going to pull those off.

Those are fun.

Give me access to API.

I need right access to API.

Urgent, urgent.

Urgent, urgent.

Dave, Dave, Dave, I need access.

It's amazing they got your name.

I mean, they were hounding us for a couple of weeks.

Dave, Dave.

I think they finally gave up.

Give me right access API is very important for our podcast platform.

Why did you not respond?

You actually did respond once.

We take care of spam.

It's good.

Look now.

Yeah, yeah, we, yeah, shaking now we got rid of it all.

Okay.

Oh man.

Well, so just because there's so much, I think we talked about it on the last show.

There's so much confusion about the FCC.

And to be fair, in other countries, there are organizations who police content.

And this is certainly happening in the EU and certainly happening in the UK.

And I don't believe they have any jurisdiction over podcast index.

They could certainly block us, I guess, on a network level.

That'd be cool.

It would be something different.

Be fine.

Yeah, it'd be fine.

So that's certainly something they can do.

In the United States, it really comes down to one thing and that's liability.

And the reason we can do this at all is because of section 230.

Yeah.

And of the Communications Decency Act, I think it is.

And that says that we can have content that is created by other people.

And if there's something, if there's some form of, what's the term I'm looking for?

Slander or the other term, you have slander, you have- Libel.

Well, in essence, if someone says, I'm going to kill this person and it's in a podcast or in a description somewhere, we are not liable for that.

And if they change section 230, which I highly doubt they will because that would kill everybody.

That would kill Facebook.

That would kill X, everything.

Every social media site, even Google could run into trouble then.

So I doubt they're gonna get rid of that.

But there's no organization, no governmental agency in the United States that can stop us from doing anything we want to do, except for the courts.

And if that happened, if they changed section 230, well, that could be difficult.

Then we're just back to bloated apps with the whole index on it.

I don't know what else we can do in that case.

SQLite download or whatever, yeah.

Yeah, you just pull in the whole thing.

Yeah, I don't, I mean, there's no, yeah, we're not gonna, I think some, maybe in the beginning of when we started the index, it got a little confused that what we were saying was- Right wing nut jobs.

Yeah, like Alex Jones and stuff like that, which is just like, that's not the case.

I mean, there's no, it does not matter.

That was just who happened to be the target for censorship at that time.

But the targets for censorship change constantly.

That's always been the case.

And your particular political quote enemy today maybe is- Could be you tomorrow.

Yeah, it could be you tomorrow.

So the thing is just complete, we're just completely neutral hands off.

And that's the only way you can make anything like that work.

It's just the only, it's the only way you maintain credibility.

But for sure, Spotify and Apple and others, I think they take stuff off all the time.

We know this, we know this from the hosting companies.

I used to get a lot more in from Todd, but he died, that sucks.

Like Todd would give you all the dirt.

Todd, that was, I miss you, Todd.

That was cool.

Oh, no hacker.

There is no username Celine on my server.

Stop it.

Celine?

Yes.

They're just rolling through the whole index.

I saw Nancy, I saw Celine, I saw emo.

Nancy?

Nancy.

No username Nancy.

No, no Nancy here.

Yes, there's no Nancy here.

That like, you should name all your SSH users Nancy.

Yeah.

Hi, I'm Nancy.

Hi, I'm Nancy.

How you doing?

Isn't that an old timey term to call somebody like a wuss?

Yeah, you're Nancy.

Yeah, oh, absolutely.

That's right.

You Nancy.

There's no Nancy on this server, go away.

That's funny.

Go ahead.

I was going to move on to something else.

Yeah, sure.

Did you see the X402 foundation on Coinbase?

The X402 transactions?

Yeah, well, there's been a lot of movement on the 402 thing.

It's very interesting.

Because I think Cloudflare is doing something as well.

Yes, yes.

Cloudflare is partnering with Coinbase to create the X402 foundation.

The foundation's mission will be to encourage the adoption of the X402 protocol an updated framework that allows clients and services to exchange value on the web, there's my favorite word, using a common language.

In addition to today's partnership, we are shipping a set of features, blah, blah, blah, SDK, et cetera, et cetera.

And the way I see this, this is your programmable money.

This is what we were trying to do and succeeded with the Lightning Network and with Bitcoin.

And I think that they've probably got a very, very decent idea here with 402 payment required response.

And what you're talking about, and I'm gonna have to rely on you for this because I have not researched it.

So you're talking about the Coinbase thing right now?

Well, it's a foundation.

So it's Coinbase and Cloudflare, they're both in it.

And the idea here is to fully bring 402 out of the like- The dungeon.

The dungeon, the Bitcoin dungeon and make it where it's multi-currency.

Well, what they're using it for is pay -per-crawl.

You see the Cloudflare guy, who seems like a pretty decent guy, actually.

I read a long interview with him.

Yeah, I think so too, yeah, yeah.

He said, look, everybody, all the AI companies are just crawling all of your crap all day long.

Put your stuff behind our Cloudflare wall, wall of protection, and you can allow bots to crawl your website, but they have to pay for it.

And it's an automatic process through this X402 protocol.

They call it pay-per-crawl.

Which, I mean, think about that with the index.

We should set it up regardless.

You never know, we could make some bank on that.

Pay-per-crawl, everybody.

Man, bot fighting is like a freaking full -time job.

So, interesting thought.

But it can easily be turned around and used for good in a positive manner by incorporating it into value-for-value transactions between podcast apps and podcasters.

The way I see it, I don't see any way it wouldn't work or any downside to it.

The upside is probably because it's unavoidable that, and I've said this before, that Stablecoin is going to be in our lives all the time, everywhere.

It's a fact, it's just coming.

Then it may not call it Stablecoin, just be, here's a dollar, you know?

How much?

Oh, you owe me 10 bucks.

Okay, here's 10 bucks.

Oh, you want to boost me three cents?

Here's three cents.

And I think it'll be fee-less, probably.

So, the idea here is that perhaps we could change, I'm trying to think this through.

We could perhaps modify the value tag to use the 402 for payment.

Yeah, but I don't even think you have to modify it much.

You just have to add, here's another option.

Right.

I mean, they got code and everything.

They got code, man, sample code.

Let's run it.

Let's run it, Nancy.

Yeah, right, just download that thing and run it.

Let's run it, Nancy.

SSH Nancy run code.

I think, this is, yeah, this is interesting because I never really thought about, and when I've thought about 402, I always thought about it in terms of like what Sam is calling secure and Sam and Russell call secure RSS.

You know, and that's clearly working on TrueFans and Fountain and Pod2 and, but using it for, if we had a common API, okay, all right, well, how would this be?

Suppose there's a common API defined and let's say it could be a continuation or a fleshing out of Alex's MetaBoost API spec.

Yeah.

So you have that as the interface and then a hosting company or publisher would publish the callback to that in a value tag.

Let me give you the examples, the examples they list, okay?

Which is, and someone's going to do this.

Someone is going to do this, whether it's us or not, I guarantee you.

So the examples they give, they say X402 can be used to monetize traditional use cases, but also enables monetization of a new class of use cases.

For example, an assistant that is able to purchase accessories for your Halloween costume from multiple merchants.

So that's like an AI agent.

Okay, fine, whatever.

Then they have an AI agent, which could also just be a person on a web browser, pays per browser rendering session instead of committing to a monthly subscription fee.

And the third example, an autonomous stock trader that makes micropayments for a high quality real -time data feed to drive decisions.

So in my mind, it's like you can listen to this podcast for free, but if you enable your X402, then you will automatically make micro, and I don't know if they have like an open-ended payment or if it's like an invoice that has a number on it, but you can then decide to make payments in real-time micropayments for the high quality real-time data fee of MP3 information that comes back.

It's the same thing.

They're just thinking of in commerce and I'm thinking value for value.

So, you know, it would say payment, let me see, payment required.

Okay, we know that.

I just don't know if it can be open-ended.

Chad F., does it do keysyn?

Well, that is, it's funny, but that's actually the question, is does it do bolt 12?

You know, does it, can you have an open-ended payment requirement or does it have to be a specific number?

This, I don't know.

Well, it's just, if you're, if you ping the, if we're doing X402 or L402, I don't know why they could call it X.

I don't know what that's all about, but if there's a 402 endpoint that you're hitting, then you're gonna get some, you know, you're gonna get some sort of token and then you could use that to make your payment.

And then I'm just thinking that the API that it's gonna call can hold all of the, because we're gonna have, you know, what we need is an API that is like the abstraction layer between whatever the currency is gonna be and whatever, and what the payer is sending.

Because it could be anything on either side and it's just gonna get, you know, it would just get translated.

I don't, this is interesting.

I'm gonna have to think about this.

Because I can see how this would solve, Bolt12 is just a different form of LNURLP.

It's the same thing.

Really, Bolt12 is just LNURLP, but it's been pulled completely into the Lightning protocol.

Here, you have an answer.

X402 supports variable payment amounts, which can be adapted for open-ended donations where users specify different values.

The protocol uses HTTP 402 responses to find payment details, including the exact amount in stable coins like USDC and allowing flexibility per request, such as basing the amount on user input or parameters in a donation flow.

While it's primarily designed for automated micropayments, AI agents, it can handle custom amounts for purposes like donations through appropriate client-server implementations.

So there'd have to be a back and forth.

Like, hey, I wanna send you three cents a minute.

Okay, I'm gonna give you a three cents a minute token.

Something like that.

Right, Nathan says 402 is just the HTTP response.

I don't believe the version of Cloudflare Coinbase will support Lightning Network.

No, I understand that, Nathan.

I understand that.

What I'm trying, what I'm thinking, I'm not being clear because I'm trying to think this through in real time.

What I'm saying is that if the value tag is changed to support instead of raw Lightning, if it's changed to support 402 in whatever flavor that is, whether, you know, this thing X402 or- Then you need an API to do some back and forth, is what you're saying.

Right, right, because right now the API is, when you're talking about a Lightning value tag, the API that you're communicating with is already defined.

Right.

It's defined by the RPC, excuse me, by the either, you know, REST or RPC or Keysend or Bolt11, all those things, all those layers of that stack are already there and we know what they are.

So that's why when you define the method equals Lightning, that you know how to interface with that.

So if we change the available value tag method to be something like X402, then the question is, what does the API look like on the other side of it?

And we know that X402 is going to be defined.

Yeah.

That's clear.

They're going to define that, but it's going to be, everybody can implement it.

And so each person's implementation can have its own flavor.

And so what I'm thinking is that if we have an X, if we have a flavor of X402 that is tuned to podcasting's need, it can be backwards, it can be compatible with X402 in the general sense, but that it can also have baked into it the metadata stuff that we need so that that is an exchangeable.

Right.

Because I'm imagining that X402 itself is not - There's no metadata.

I don't know this.

No, there's no metadata.

Nothing.

Or just something generic.

Right.

Something generic, just like, who knows what that is?

I haven't looked at the spec yet, but if it's just something generic, we may be able to take and shoehorn in the metadata spec that we need it to be.

So yeah, I know I'm referencing Lightning, but I know they're two separate things, but I think this, we could make this, we could make this work, I think.

I think so too.

Okay.

Gonna have to, gonna have to think about, I wonder, I mean, does anybody have example servers up yet?

Maybe Cloudflare?

Yeah, I have a, they got all kinds of stuff on Cloudflare, hold on.

Okay.

I'll give it to you.

Because, you know, Alex started writing that MetaBoost spec, MetaBoost API, I mean, we could, we could just modify 402 to accept the thing we need it to be.

That's what I would kind of hope for in this.

And they're taking contributions to the protocol.

So get your code in now.

Yeah.

Well, they got a, they got a GitHub.

I wonder where that is, let me.

Yeah, it's in that link I just sent you.

The Coinbase X402 thing?

Yeah.

Vue docs, I wonder if that's- Hey, they have a free app.

They have a free app.

A free app?

Yes, a free app.

The free app that makes your internet safer, now available for even more devices.

What does this app do?

Okay.

It's Warp.

It's the Warp.

GitHub Coinbase X402, here we go, okay.

So it's GitHub.com slash Coinbase slash X402.

There you go.

And yeah, it looks like CloudFlare's, yeah, CloudFlare agent docs, they're also the X402.

So we need to figure out where all this stuff crosses over.

One line of code to accept digital dollars, no fee, two second settlement, 0.001 cent minimum payment.

That's cool.

Open standard, the phone will never force reliance.

Yeah, okay, we just need to read through this.

I'm glad you brought this up because I had seen it multiple times this week and just had not gotten into it.

Yeah, it's, you know, you know me.

I'm like, this is beautiful.

It's got a payment sequencing, the OCV1 protocol sequencing, it's like payment method.

Yeah, the question I have is just, where is the, do they have anything like a sandbox?

That I don't know.

Up and running that you can hit and see what it does.

Yeah, I haven't looked at it yet.

Not that deep.

I've been fighting hackers who are now at N for Nokia.

Oh, they're just going through the alphabet.

Went from Nancy to Nokia, took them a half an hour.

Oh boy, you guys, I'm telling you.

Yeah, I'm telling you.

You're going to be there all day.

I hope they packed a lunch.

It's kind of fun.

It's kind of fun to know that someone is desperately trying to do this.

All these things are probably coming from like some hacked home router in Brazil, you know?

Oh, it's actually, no, some of it's coming from Linode.

Interestingly enough.

So they're, you know, using a Linode to hack a Linode.

And- Oh, really?

Some of it, yeah.

A lot of people.

Yeah, what is this one?

Hostingmail, servermail.org is another fine one.

Oh, it's giving you reverse name.

I've got trace routing some of them.

Oh, you're tracing, okay.

Yeah, so they've hacked in all kinds of stuff.

Like, oh, I got someone's mail server.

Cool, we'll use this.

Great, great, yeah.

And you know what?

There's a lot of hacked servers out there, that's for sure.

Oh yeah, I bet.

It's unbelievable.

Let's see, where is this one coming from?

Oh, interesting.

Dude, I think, what's this from?

Global, telemark.brazil, yeah, Brazil.

Yeah, the reason I said Brazil is because I think Brazil had a huge, I think they had millions of home internet routers that were of one particular kind that had like a horrible flaw in them a few years ago.

Oh, and they're all pwned.

Yeah, it's like the botnet army of the universe.

Nice.

Hey, let's thank some people, Dave.

I heard some boost coming in, which is nice.

We got Chad F with 333 and Dreb Scott with 12345.

12,345 sats.

Go, Nanaia, podcasting.

Yes, I'm with you.

Anonymous from CurioCaster222.

AI has already ruined V4V music.

Well, it's ruined all music.

I mean, has it really ruined music?

Has it ruined V4V music specifically?

I don't know.

I mean, has it ruined music?

I don't listen to AI stuff.

Some stuff, I don't know.

I mean, I think Taylor Swift is basically AI anyway.

Yeah, there you go.

SaltyCray on 236.

AI dumbing the world down with one bad search and song at a time.

Yes.

Chris, you know, 1800 sats.

Stacker.news is up to 26 different lightning wallets you can connect.

I'd recommend anyone make a free Stacker.news account just to look at stacker.news slash wallets page, see how many different options are out there.

Would love to see these options in P2 .0 apps.

Oh, I have to take a look at that.

Bad signal received from SaltyCray on 777.

Heard that during the opening of the show, I think.

And anonymous podcast guru user with 408 sats.

Oh, I love that guy.

Yeah, he's a good guy.

Any updates on the wallet stuff?

The arguing and blaming people is starting to turn even more people away or at least making them feel like they're doing something wrong for using the tools available to them.

Well, I don't know.

What's the update?

Is there any update?

On what?

I don't know, on the wallet stuff.

What is the wallet stuff?

I'm not sure.

Like, you know.

Is it my Albi or something?

I guess.

I mean, I guess the ongoing KeySend versus LNURL.

I mean, that's.

Well, I mean, that to me, it's just a done.

It's just that argument's over.

KeySend's just a redheaded stepchild.

It's never gonna go.

Nobody supports it.

So, I mean, you can't.

Your massive users are on strike in Cash App and in those kind of apps.

And they're just not gonna, they're just never gonna support KeySend.

They're not gonna do KeySend.

It's just not.

It doesn't matter what I think about it or anybody else.

It just matters what happens.

And that's the way the universe is moving.

So, I mean, I'm not blaming anybody.

No, no.

Blame anybody.

It's just the way, just this life.

I mean, we're not, you know.

You can't, you just, that's just the way it's gotta be.

So we gotta adapt.

And I think we got a good spec.

The Bolt 11 stuff is, LN address works.

You know, the metadata thing is a problem, but, you know, I don't, I'm not convinced that we actually need the metadata.

I'm just not, you know.

We have, when you send somebody a PayPal, you see, a lot of times all you see is a little, a short note in their name.

And that's fine.

And that's fine.

Because what matters is they gave you money.

That's the way I see it.

So, I just, I'm not, if there was something more specific you were talking about, you know, to respond, but I don't, I just think that's where we're at.

I think that's just, that's the future.

No, I love cotton gin.

Apple just controls the podcast index.

It's just the way it is.

It's what the universe wants.

No, they don't.

So that's patently not true.

What?

I don't know.

This is, they think you're lame.

You're lame.

Lame answer.

You need to support Keysend.

I can't make Cash App support Keysend, or Strike, or Coinbase.

I can't do, I mean, like, they're just not going to do it.

I don't know what I can do about it.

I mean, okay.

That's where, I mean, that's where all the, most of the Bitcoin is.

That's literally where the money is.

Literally.

Yeah.

Yeah.

My entire claim to starting this project, yeah, exactly.

And that's what we did.

We totally did that.

Apple doesn't control the podcast.

Apple doesn't control podcasting.

That's exactly why we added the value for value because we had programmable money through the Lightning Network.

It was very cool.

And then Keysend went away, and then the wallets went away.

And so now we have to fish or cut bait.

Either we use LN addresses and everyone is happy with it, or we don't.

Yeah, I mean, Brian on the index this week, Brian showed the RPC calls for LND.

Now, they will not let you send Keysend directly through the RPC calls.

The- Oh, really?

They're broken.

Really?

On LND, they won't let you do that anymore?

On LND, they deprecated the RPC call that had the pub key in as a destination address.

The new RPC call, Brian of London is who I'm talking about, the new RPC call in LND that's meant to replace the deprecated one does not have a public key property in it to send to.

So whenever that other one, which is marked deprecated, whenever that other one goes away, Keysend is gone.

Well, I think what we need to do because this pops up all the time, aren't you using Keysend to receive these boosts?

Okay, good.

I'm going to remove all the Keysend and we'll just use LNURL.

That's fine.

I really think there's a disconnect going on here.

BitPunk, yes, nobody ever said that it doesn't work right now for everything.

What we're saying, people don't understand, some Keysend still works.

Okay, I'm just going to lay this out.

This is the truth as far as I understand it right this second.

Some Keysend still works across the board.

Okay, that is a fact.

Keysend does not and will never work on hosted wallet solutions where most of the easy onboarding is like CacheAppStrike, et cetera.

The deprecation that we were talking about with Keysend is one layer removed than what you think it is.

Keysend itself is still supported in LND.

The API, LND's own API, the RPC calls for LND that support Keysend, that has been deprecated, okay?

So the RPC call to send a payment, they deprecated version one of that call and replaced it with version two.

Version two does not support a public key as the destination address, which is what you have to do to send Keysend.

So the call that supports Keysend in LND RPC has been deprecated, even if Keysend itself has not been deprecated as a feature.

Because it doesn't matter if Keysend is still in there.

If you can't get to it, then you can't send it.

And the quote, some guy named Brian, he's the guy that's quoted in Lightning Lab's documentation about how to send Keysend.

That's the some guy named Brian.

They literally used his code as the example in their own documentation.

And if you want a better explanation for this, look back on the podcast index social from back after the show last week.

And Brian piped in and gave links to the documents showing the deprecated API calls.

This was discussed right after the show because nobody believes that there was a deprecation issue going on.

And the confusion is, it's Lightning Labs.

Don't blame me, blame them.

Because they've deprecated the APIs that allow that stuff to be sent.

Now, the marquee tag in HTML is also deprecated, but it's still supported by a whole bunch of browsers.

But nobody, but everybody's gonna use CSS animations instead of marquee because nobody knows when it's gonna go away.

Because it's officially been deprecated.

So look, just, I don't know what else to say.

It feels like a losing battle.

So I don't see why we're gonna continue to fight this.

Yeah.

Well, I'll switch our feeds to LNURL.

That's easy.

And we may not get boosts with metadata, but we'll get payments if people still wanna send money and support the index.

So I got no problem with that.

Look, I don't like it.

I don't like it.

I love KeySend, I love the way it worked.

It was so simple.

But you're shooting the messenger here, man.

Yeah, exactly.

Okay.

Why don't you read some of the last boosts we'll ever receive?

The Bruce, the ugly quacking duck, 2222 through podcast guru says, love the testing 73.

Thanks guys.

You're welcome, Bruce.

And let's see, we got, oh wait, we got Tommy.

Yeah, here it is.

Commissioner blogger, 13710 through fountain.

He says, howdy Dave and Adam.

Although I'm agnostic now, in childhood I was Christian and I even visited the Vatican several times.

And today I want to recommend a podcast that can be found by searching for quote the Charlie Kirk show unquote in podcast apps or at www.charliekirk.com.

After Charlie's murder, new episodes are still being published.

Thanks to Daniel J.

Lewis for the hint.

Yo, CSB.

Thank you.

We got some, we got some monthlies.

We got Chris Bernardik, $5.

Michael Kimmerer, $5.33.

Dreb Scott, $15.

Christopher Reimer, $10.

James Sullivan, $10.

Cohen Glotzbach, $5.

Jorge Hernandez, $5.

And Michael Goggin, $5.

All right.

Well, thank you all very much for supporting the Podcast Index Project.

It all goes into the funds to keep this thing rolling and to keep us indeed, keep podcasting independent from Apple or anybody else for that matter, which is the entire mission.

Go to podcastindex.org.

You can read our mission.

It's right there on the homepage.

And below it is a big red donate button.

We do accept your fiat fund coupons.

And just hit that button to send us some.

I feel like we're ending on a downer here, Dave.

Man, I know.

I just want like, the boardroom just went nuts.

Went hostile.

Hostility, hostility.

We have, what do you call it?

Activist investors on the board.

It's a hostile takeover.

Hostile takeover.

All right, everybody.

We'll be back with new lightning addresses on the Node next week.

Join us then for the board meeting of Podcasting 2.0.

I think they're cool.

You have been listening to Podcasting 2.0.

Visit podcastindex.org for more information.

Go podcasting!

I mean, that is hilarious.

Never lose your place, on any device

Create a free account to sync, back up, and get personal recommendations.

Create account